Vice Society ransomware leaks University of Duisburg-Essen’s data

The Vice Society ransomware gang has claimed accountability for a November 2022 cyberattack on the University of Duisburg-Essen (UDE) that compelled the college to reconstruct its IT infrastructure, a course of that is nonetheless ongoing.

The menace actors have additionally leaked recordsdata they declare to have stolen from the college throughout the community breach, exposing probably delicate particulars concerning the college’s operations, college students, and personnel.

UDE has since confirmed that they’re conscious the menace actors printed the stolen data and stated that they won’t be paying a ransom.

“After the cyber attack on the University of Duisburg-Essen (UDE) at the end of November, the criminal group responsible for it has now published data on the Darknet,” UDE stated in an announcement.

“The university had not complied with the attackers’ demands and had not paid a ransom.”

BleepingComputer has reviewed some of the leaked recordsdata and located they embrace backup archives, monetary paperwork, analysis papers, and pupil spreadsheets. While they look like real, we’ve no approach to verify their authenticity.

Vice Society starts leaking data allegedly stolen from UDE
Vice Society begins leaking data allegedly stolen from UDE
Source: BleepingComputer

Vice Society’s assault on the University of Duisburg-Essen continues the ransomware operation’s continued concentrating on of the training sector.

In 2022, the ransomware gang attacked the Cincinnati State Technical and Community College, the Medical University of Innsbruck, and the Los Angeles Unified faculty district.

These assaults led the FBI, CISA, and MS-ISAC to launch a joint advisory warning that the ransomware gang is more and more concentrating on U.S. faculty districts.

Rebuilding UDE’s IT infrastructure

The cyberattack was disclosed by UDE on November twenty eighth, 2022, forcing the college to close down all electronic mail, communications, and IT methods till additional discover. The college additionally canceled the deliberate exams proper earlier than the Christmas vacation.

By December 07th, 2022, UDE’s IT specialists had returned a number of core methods to a practical state. In addition, on December twenty second, 2022, a widespread password reset motion for the net studying platform affecting 40,000 individuals was taken.

However, UDE was nonetheless removed from returning to regular operations.

On January ninth, 2023, UDE knowledgeable college students and personnel that as a result of intensive harm brought on by the cyberattack, and the advanced sample of this harm, the one approach to restore all methods could be to reconstruct all the IT infrastructure.

UDE defined that the cyberattack had impacted 1,200 servers and compromised the central authorization system, so restoring all these could be impractical.

As for the influence of the (claimed) Vice Society assault on UDE, the college has 43,000 college students, 4,000 educational workers, and 1,500 administrative workers. It is taken into account the highest German college within the physics discipline.

In a 2019 interview, the CISO of UDE, Marius Mertens, mentioned the profitable mitigation of a ransomware assault. He highlighted the significance of the college’s supercomputer, which ranked among the many prime 500 in Europe, and defined that disruption to its operations would end in important monetary losses.

“A downtime would entail huge costs when converted to the price tag of the lost CPU hours. For example, losing CPU hours for one week would cost us €75,000,” defined Martens.

Leave a Comment